If you’re one of the millions of people who play Zynga Poker every day, you had better start keeping your cards close to your chest. An investigation led by Internet security firm Eset has exposed a ring of bot computers that phished Facebook passwords from more than 16,000 people.
The hack was orchestrated via a network of 800 bot computers that posted phony messages on the walls of Zynga Poker players, linking to what looked like porn sites (or “tabloid topics,” as Eset put it—see the picture below). Clicking a link on the phony site would redirect players back to what appeared to be Facebook, but was actually a phishing site that mimicked the social network’s design. When victims entered their username and password into the fields, they essentially handed them over to the hacker.
With that info, the hacker could poke around anything on their Facebook account, and could even see how many credit cards the user had on file to buy Zynga poker credit (it doesn’t appear they could access the credit card numbers themselves, however). In some cases, the hacker would lure the compromised account holder’s friends to the same phony Facebook site and phish their passwords, too.
In a press release, Eset said the hacker’s targets were largely based in Israel. So if you’re playing anywhere else in the world, you’re probably safe—from this particular hack, at any rate. The obvious way to protect yourself from others like it is to check the URL of any site asking for your login information. If the address bar says “Facebook.com,” you’re probably good. Anything else, and you might want to be a little skeptical.
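The “check the address bar” advice above has a catch that phishing kits rely on: the string “facebook.com” can appear in a URL whose host is something else entirely. The following Python snippet is an added example (not from the article, Eset, or Facebook) that compares a naive substring check with a check on the parsed hostname; the list of legitimate hosts and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed set of hosts that genuinely serve the Facebook login page.
# (Constructed for this example; a real deployment would maintain its own list.)
LEGITIMATE_HOSTS = {"facebook.com", "www.facebook.com", "m.facebook.com"}


def naive_check(url: str) -> bool:
    """What many people do mentally: does the URL contain 'facebook.com'?"""
    return "facebook.com" in url.lower()


def is_legitimate_login_url(url: str) -> bool:
    """Return True only if the URL is HTTPS and its *hostname* is a known host.

    urlsplit() separates the hostname from user-info, path and query, so
    look-alikes such as facebook.com.example.net, /facebook.com/ in the path,
    or https://facebook.com@example.net/ are all rejected.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    return host in LEGITIMATE_HOSTS


def classify(urls):
    """Return (url, naive_result, strict_result) for each URL, for comparison."""
    return [(u, naive_check(u), is_legitimate_login_url(u)) for u in urls]


# Constructed sample URLs: one real-looking login page and four phishing-style tricks.
SAMPLE_URLS = [
    "https://www.facebook.com/login.php",          # genuine host
    "https://facebook.com.example.net/login",      # subdomain look-alike
    "https://example.net/facebook.com/login",      # brand in the path
    "https://facebook.com@example.net/",           # brand in user-info
    "http://www.facebook.com/login.php",           # right host, no TLS
]

if __name__ == "__main__":
    for url, naive, strict in classify(SAMPLE_URLS):
        print(f"{url:45} naive={naive!s:5} strict={strict}")
```

Run it and the naive column says “True” for every line but the strict column accepts only the first URL; that gap is exactly the space a look-alike phishing page lives in.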
Eset claimed that it notified Facebook of the attack in February 2012 and that the company took measures to shut it down; the botnet effectively ceased operation around that time. Who was the mastermind behind it? That’s still not clear. Eset says it’s working with the Israeli Computer Emergency Response Team in an ongoing investigation.
Meanwhile, Zynga is planning to launch a real-money poker game sometime soon, having already applied for a license from the Nevada Gaming Control Board. Hackers should have a lot of fun with that one.
Zynga did respond to a request for comment.
Photo by Vira G/Flickr